$ rpki-client -vvf rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.mft File: y7aOmQU8HeJHirvi3_KrzsDRsUg.mft (raw, json) Hash identifier: Q5scdkmQ+L+20QOmzcUMDr0alXsoIFaq4KrWMlt6bN8= Subject key identifier: F1:C9:FE:4E:27:40:F8:59:9F:7F:A1:71:FA:45:BA:58:6E:61:22:09 Authority key identifier: CB:B6:8E:99:05:3C:1D:E2:47:8A:BB:E2:DF:F2:AB:CE:C0:D1:B1:48 Certificate issuer: /CN=A9149905/serialNumber=CBB68E99053C1DE2478ABBE2DFF2ABCEC0D1B148 Certificate serial: 3490 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y7aOmQU8HeJHirvi3_KrzsDRsUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.mft Manifest number: 348A Signing time: Sat 31 May 2025 14:56:43 +0000 Manifest this update: Sat 31 May 2025 14:56:43 +0000 Manifest next update: Sat 07 Jun 2025 14:56:43 +0000 Files and hashes: 1: y7aOmQU8HeJHirvi3_KrzsDRsUg.crl (hash: sDuE5CFCJ+fBrJDppWVnsaWfP0cdcTsbofXIqRtFaJM=) 2: A6D6CA7E022C11EBAC47A831C4F9AE02.roa (hash: w/zPMK06vnyoVLL/BGNp77uAUStxaD44YXARWWRfkvk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.crl rsync://rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y7aOmQU8HeJHirvi3_KrzsDRsUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 14:56:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13456 (0x3490) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149905, serialNumber=CBB68E99053C1DE2478ABBE2DFF2ABCEC0D1B148 Validity Not Before: May 31 14:56:43 2025 GMT Not After : Jun 7 14:56:43 2025 GMT Subject: CN=683b18ab-e1c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5c:44:cc:ce:a6:55:70:74:ba:6e:5b:9c:ea: e2:bb:7e:0f:4b:ee:19:b8:5f:e0:4d:d9:41:f2:18: 40:3e:77:01:fb:11:02:44:40:0f:87:f8:04:42:26: 75:00:e7:45:a5:a1:89:0a:cc:e5:cc:5f:94:6e:49: c6:8c:ce:fa:d1:c7:80:6d:97:e0:4c:7d:63:ba:16: 35:49:87:66:4f:be:ba:0b:bd:37:b9:77:2d:f5:aa: 45:02:22:82:58:e6:28:64:12:df:69:8f:2d:6b:7a: 38:61:91:90:16:8d:02:7a:97:d1:b8:93:f0:50:fc: 6a:5d:83:04:78:dd:b6:5d:4f:4a:a8:1d:65:1b:d1: c8:72:96:6d:52:01:65:6c:5a:74:80:c1:ba:31:3f: f4:28:96:f0:43:d0:5d:57:fa:e9:cd:e1:6f:00:06: 03:db:29:81:5b:40:fe:30:cb:07:cb:a6:bb:80:c7: c3:1e:14:ad:ea:fc:0a:e6:da:80:13:86:81:9a:f0: 0a:bc:97:eb:b9:a2:03:2b:91:14:0b:09:06:9a:46: 41:94:00:8d:da:18:d0:db:a8:a8:36:59:74:04:1d: 03:ae:44:af:2a:32:60:27:61:0f:27:bf:52:ee:9b: 58:ae:71:af:c3:d0:5f:ec:21:ca:0b:17:0d:c3:b6: d5:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:C9:FE:4E:27:40:F8:59:9F:7F:A1:71:FA:45:BA:58:6E:61:22:09 X509v3 Authority Key Identifier: keyid:CB:B6:8E:99:05:3C:1D:E2:47:8A:BB:E2:DF:F2:AB:CE:C0:D1:B1:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y7aOmQU8HeJHirvi3_KrzsDRsUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149905/394D064A1D9B11E2BE12EF8808B02CD2/y7aOmQU8HeJHirvi3_KrzsDRsUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:8c:5b:1d:2e:10:f1:04:05:64:90:f7:f5:d0:e8:18:cd:99: 93:aa:67:83:d7:a0:91:40:f9:9f:f2:1f:23:9d:9f:8a:af:4d: 75:d6:6e:9e:8d:da:49:8a:1e:53:e0:74:ff:f4:35:a3:8e:00: 8a:2f:25:1c:d0:28:fc:2e:37:03:5e:18:f6:5c:e3:73:69:3a: 15:7c:6d:3c:60:91:96:4b:b9:ec:06:93:b2:e5:72:a0:36:2f: 1c:a1:77:9d:3a:89:f8:7e:0b:b9:ad:05:49:65:39:01:37:02: e7:da:31:ae:0e:6b:4b:35:89:6e:c8:ec:2a:56:2d:14:d9:4f: 73:d0:29:ca:9a:a2:86:43:07:02:9b:df:20:f8:32:65:ff:33: 4d:72:d8:01:5c:82:a5:f5:f9:c3:42:76:68:5e:ca:fb:5b:f3: 01:56:d1:f5:31:50:ec:2e:62:b6:9a:3d:d6:26:66:9e:9b:30: 22:63:54:45:1e:a3:b7:28:7f:c9:dd:9e:5a:86:f4:b6:ca:af: 1b:15:cb:62:8f:21:bb:9e:ce:7b:fd:a9:42:6d:0a:27:93:92: d9:00:c7:56:a8:9c:e9:5c:d0:74:4d:d5:3d:1d:d3:6a:91:75: f1:73:e0:f4:bc:e6:60:53:84:2e:6f:70:aa:95:75:57:12:7e: 42:0f:33:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk5MDUxMTAvBgNVBAUTKENCQjY4RTk5MDUzQzFERTI0NzhBQkJFMkRGRjJBQkNF QzBEMUIxNDgwHhcNMjUwNTMxMTQ1NjQzWhcNMjUwNjA3MTQ1NjQzWjAYMRYwFAYD VQQDEw02ODNiMThhYi1lMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxlxEzM6mVXB0um5bnOriu34PS+4ZuF/gTdlB8hhAPncB+xECREAPh/gEQiZ1 AOdFpaGJCszlzF+UbknGjM760ceAbZfgTH1juhY1SYdmT766C703uXct9apFAiKC WOYoZBLfaY8ta3o4YZGQFo0CepfRuJPwUPxqXYMEeN22XU9KqB1lG9HIcpZtUgFl bFp0gMG6MT/0KJbwQ9BdV/rpzeFvAAYD2ymBW0D+MMsHy6a7gMfDHhSt6vwK5tqA E4aBmvAKvJfruaIDK5EUCwkGmkZBlACN2hjQ26ioNll0BB0DrkSvKjJgJ2EPJ79S 7ptYrnGvw9Bf7CHKCxcNw7bVPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPHJ/k4n QPhZn3+hcfpFulhuYSIJMB8GA1UdIwQYMBaAFMu2jpkFPB3iR4q74t/yq87A0bFI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTkwNS8zOTREMDY0QTFE OUIxMUUyQkUxMkVGODgwOEIwMkNEMi95N2FPbVFVOEhlSkhpcnZpM19LcnpzRFJz VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3k3YU9tUVU4SGVKSGlydmkzX0tyenNEUnNVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OTkwNS8zOTREMDY0QTFEOUIxMUUyQkUxMkVGODgwOEIwMkNEMi95N2FPbVFVOEhl SkhpcnZpM19LcnpzRFJzVWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTjFsdLhDxBAVkkPf10OgYzZmTqmeD16CRQPmf8h8jnZ+Kr0111m6e jdpJih5T4HT/9DWjjgCKLyUc0Cj8LjcDXhj2XONzaToVfG08YJGWS7nsBpOy5XKg Ni8coXedOon4fgu5rQVJZTkBNwLn2jGuDmtLNYluyOwqVi0U2U9z0CnKmqKGQwcC m98g+DJl/zNNctgBXIKl9fnDQnZoXsr7W/MBVtH1MVDsLmK2mj3WJmaemzAiY1RF HqO3KH/J3Z5ahvS2yq8bFctijyG7ns57/alCbQonk5LZAMdWqJzpXNB0TdU9HdNq kXXxc+D0vOZgU4Qub3CqlXVXEn5CDzMx -----END CERTIFICATE-----Generated at Sat May 31 17:11:26 2025 by rpki-client